Transforming IT Blog
Join us in the Transforming IT HP Blog where we will discuss reinventing IT to overcome obstacles and take advantage of Instant on Enterprise opportunities.

Is the security of your converged infrastructure assured?

thCAH54YAC.jpgJust when you thought you had it all figured out, having adapted your security program for virtualization and cloud – along comes the converged data center (CDC).  What does this actually mean? How much change will your security program have to undergo? In order to answer these questions and more, we need to first define converged data center. The best definition that I have found is “A data center, which has a common, modern IT architecture that pools resources across servers, servers and networking.”

 

If we accept this definition of the CDC, we can then make some assumptions as to what changes would be needed within an organization’s security program. 

 

To illustrate this, I have highlighted the primary areas that CISOs should be aware:

 

  • Physical and logical security will converge, requiring a single view of anomalous events occurring at the physical as well as logical layers within the data center.
  • CDC assets (server, storage and networking) will meld together requiring that security professionals acquire a working knowledge of how to protect all three homogeneously.
  • Data center assets will become commoditized being primarily configured and utilized through computing fabrics. Security technologies will need to deeply integrate within these computing fabrics.
  • Cloud-computing platforms will reside atop CDC platforms requiring further process integration in order to enable the cloud platform to access CDC resource pools. Security will need to protect the cloud and the CDC uniformly accounting for each platform’s unique threat profile.
  • Computing requirements will be fulfilled through abstractions of the IT enterprise creating a dynamic computing environment. Security will need to be applied using similar abstractions.
  • Resource pools will require high-degrees of availability and failover. Security and continuity related downtime will need to be all but eliminated as change control windows dramatically diminish.
  •  IT assets will require defined assurance levels in order to ensure they are abstracted commensurate with the security policies specified for the application or service requesting computing resources.

 

Converged infrastructures bring converged threats.  Networking physical and logical resources and assets together opens new threat vectors for exploitation by internal and external sources of risk.   The CDC creates a unified cyber domain, opening up previously un-accessible assets to attack. In addition, the CDC is about more than just IT assets, it involves the orchestration of people, processes and operations.  Each of these represents their own unique risks.

 

If you want to learn more about converged data centers, check out HP's Converged Infrastructure resource site. Also, keep tuned to this blog site to see my next posting discussing HP’s CDC Assure Reference Architecture.

 

I would like to know your thoughts and insights on protecting a converged infrastructure as well as what specific steps you have already taken to protect your next generation data center.

 

10/4 UPDATE: HP has announced HP OneView, a breakthrough infrastructure management platform that’s a giant stride toward the truly converged data center. You can learn about new services for HP OneView here.

Leave a Comment

We encourage you to share your comments on this post. Comments are moderated and will be reviewed
and posted as promptly as possible during regular business hours

To ensure your comment is published, be sure to follow the community guidelines.

Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
Search
Showing results for 
Search instead for 
Do you mean 
About the Author
Tari is a Distinguished Technologist with 30 years of IT and cyber security experience. He is dual board certified in information security/b...
Featured


Follow Us
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.